Can't Connect to Server


I've been experiencing some server connectivity issues for the past week.  Here are the details:


1) All useer are able to log on to their work stations.  They have internet and can access the shared network drive.

2) Server is really slow.  Cannot even fully log on to the server.  After entering in login credentials it hangs.  If I'm able to get to the desktop I can't really do anything to check any of the network settings, check virus scans, etc.

Basically, everything works except the server.


1) I cannot RDP to the server.  It hangs at "Configuring Remote Session".

2) When I use our Sonicwall VPN I can remote in to all the workstations on the network.

Things I've Tried:

1) Powered off the server, modem, sonicwall and powered them back on several times.

2) Ran a diag scan on the server before boot up - showed no issues.

3) Checked the settings on the sonicwall by logging in to the unit from another workstation.

As mentioned, I can't really check the server because it hangs everything I attempt to log in.  I'm kind of stumped right now.  People have mentioned that it might be a network card issue.  I want to get this resolved before the network looses all connections.
Who is Participating?
hecgomrecConnect With a Mentor Commented:
If this event ID is  4016, like I said earlier... you have a rouge process running on your server... it looks like your DNS server role is having problems with at least one zone.

Still, before going to the following steps make sure your AD is working properly.

First, shutdown all your workstations or remove server from the LAN and reboot so you have access to the server; Then:

-  Stop the DNS service

 - net stop netlogon
 - Delete your zone(s)
 - Delete the data in the system32\dns folder
 - Delete the system32\config\netlogon.dns and netlogon.bak

 - Uninstall DNS server role
 - Reinstall DNS server role

 - net start netlogon  

Do not create or re-create any special or specific zone(s) you may have on your environment at least until you are sure your issue is not re-occurring.  At this point you can connect the server to the LAN and allow workstations to connect.

You can also run:

- ipconfig /flushdns
- ipconfig /registerdns

on the stations to make sure they get new settings from the fresh copy of the DNS server.

Monitor the Server logs for any warnings and/or errors for AD DS or DNS.
Jason WatkinsIT Project LeaderCommented:
Can you connect to the server's event viewer via a remote MMC console? This may get you around the slowness the server is exhibiting. You're going to have to figure out what is causing the server to be so slow, which will include using it at some point to see if the HDD drive is maybe full, or to run the performance manager and get an idea of what the memory usage is like. There are many reasons why a server can slow down, but you have to look at the machine to determine why.

HDD Full?
Mal-ware infection?
Runaway process, eating up RAM?
NIC driver?
Server looking for some other resource on the LAN, that isn't there or responding?
PigoManAuthor Commented:
@Firebar do i need to log in to the server to set up mcc?  i haven't tried that because i can never get past the login screen.  if i do get on to the desktop anything i do like try to open avg or the admin console freezes the server.  

I know the hdd had about 75gigs of free space
Would a shutdown/restart stop any runaway processes or any searches for a non-responding resources?
SMB Security Just Got a Layer Stronger

WatchGuard acquires Percipient Networks to extend protection to the DNS layer, further increasing the value of Total Security Suite.  Learn more about what this means for you and how you can improve your security with WatchGuard today!

Jason WatkinsIT Project LeaderCommented:
While you are on the same network as the server and from another PC, open a blank MMC console by going to the Run dialog and typing "mmc". This will open up a blank MMC console.

Add the Event Viewer snap-in, but instead of adding the snap-in for the local computer, choose another computer.

Enter the name of the server for the remote computer. If the server's firewall isn't blocking WMI, then you'll see the event log open in the new console.

A reboot could kill an errant process, but there is nothing that would keep it from starting up again (depending on what that process was).
Imtiaz HashamTechnical Director / IT ConsultantCommented:
Remotely check the services.msc tab of the server to ensure all automatic services have started.  Looks like the DNS server is having issues...
PigoManAuthor Commented:
Thanks guys.  I was able to view Event Viewer and Services from a workstation.  I don't know exactly what I'm looking for but in Event Viewer > DNS Server I do have a lot of warnings and an error.  This is one warning followed by the error:


The DNS server encountered a packet addressed to itself on IP address The packet is for the DNS name "". The packet will be discarded. This condition usually indicates a configuration error.
Check the following areas for possible self-send configuration errors:
  1) Forwarders list. (DNS servers should not forward to themselves).
  2) Master lists of secondary zones.
  3) Notify lists of primary zones.
  4) Delegations of subzones.  Must not contain NS record for this DNS server unless subzone is also on this server.
  5) Root hints.
Example of self-delegation:
  -> This DNS server is the primary for the zone
  -> The zone contains a delegation of to,
  ( NS
  -> BUT the zone is NOT on this server.
Note, you should make this delegation check (with nslookup or DNS manager) both on this DNS server and on the server(s) you delegated the subzone to. It is possible that the delegation was done correctly, but that the primary DNS for the subzone, has any incorrect NS record pointing back at this server. If this incorrect NS record is cached at this server, then the self-send could result.  If found, the subzone DNS server admin should remove the offending NS record.
You can use the DNS server debug logging facility to track down the cause of this problem.

For more information, see Help and Support Center at


The DNS server timed out attempting an Active Directory service operation on DC=DomainDnsZones,DC=pigeon,DC=local.  Check Active Directory to see that it is functioning properly. The event data contains the error.

For more information, see Help and Support Center at
Jason WatkinsIT Project LeaderCommented:
Is the server a domain controller (DC)? If so, is the server's DNS server settings set to something else other than itself?
Imtiaz HashamTechnical Director / IT ConsultantCommented:
Logon to the server and then look at the DNS settings on all NICs and ensure they are pointing to the local IP address.

Open DNS Server MAnager and ensure:

a. it's running
b. the forwarders are external.
SurranoSystem EngineerCommented:
Looks like a network configuration issue to me but I wouldn't rule out some viral infection.
Can you
1. Bring down the server and remove the hard drives
2. Put the hard drives as *supplementary data* (i.e. *not* system) drives into another compatible machine which is *known* to be clean
3. Mount and run as aggressive virus / malware scanning as you can muster
I don't think DNS issues will prevent you from slow log in to the server... at least not locally.

If the server is providing and authenticating clients all over your network most likely there is a "rouge" process on the server taking processor and memory from it.

Try to reboot your server without any connection to it, no network cables, if you can work normally on the server start by checking your HD available space, then your events if there is nothing run a virus scan (this in case you browse on the server or run things on the server, a server is hard to be infected if you don't use it for other purposes than network operations.)

If you can't work normally even without connections, you must try to find out which process are running to try to identify and find the offender process.

I'm not saying your DNS error is a problem but it should not slow down or stall your server to a point you can't log or run anything on it locally.

There is something using your resources, memory and/or HD. Find it, clean it or kill it!!!!
Imtiaz HashamTechnical Director / IT ConsultantCommented:
DNS will guarantee do a slow logon as it will try to authenticate the servers where the DNS is pointing...
PigoManAuthor Commented:
hi everyone. i disconnected the server from the network and tried to log in to check everything out.  it's still running slow and ends up freezing.  i'm going to take it home with me today and try again.

workstations on the network are starting to have connectivity issues these past couple days so it looks like things are getting worse.  i'm hoping i can figure this out soon.  thanks for all your suggestions and appreciate more if you have any.
Jason WatkinsIT Project LeaderCommented:
The workstations are having connectivity issues to the server or just in general? Is this the only server on the network?
PigoManAuthor Commented:
@firebar workstations are starting to experience slow internet connection and connection to the network drive.  this is the only server on our network

does anyone know if its possible to view/edit the dns settings of the server through a workstation on the network via mmc?
Jason WatkinsIT Project LeaderCommented:
Depending on the version of Windows, you will need the adminpak.msi (XP) or the Remote Server Administration Tools (7) installed to connect to those functions from an MMC console on the workstation.
PigoManAuthor Commented:
hi everyone,

sorry for the late reply.  so i took the server home and booted up offline.  i ran virus scans and nothing turned up.  i plugged in to my internet at home and was able to log in to the server to run any updates available.  shut down and rebooted serveral times and the server was running smoothly.  went back to the office with the server to set it back up.  i shut down all workstations beforehand and powered down the modem and sonicwall.  powered up in this order, sonicwall > modem > server.  waited for the server to fully boot up and get to the ctrl-alt-del screen.  then i powered on all of the workstations.  everything worked again.  i was able to log in to the server with no hiccups, network connections were fine, and i was able to rdp to the server from an offsite location.  

about 24hrs later the same problem started happening again so now i am stuck at the same spot.  i checked the dns event viewer and got a couple messages i am not familar with.


The DNS server timed out attempting an Active Directory service operation on DC=PCSERVER,DC=pigeon.local,cn=MicrosoftDNS,DC=DomainDnsZones,DC=pigeon,DC=local.  Check Active Directory to see that it is functioning properly. The event data contains the error.


The DNS server timed out attempting an Active Directory service operation on ---.  Check Active Directory to see that it is functioning properly. The event data contains the error.


The DNS server has encountered numerous run-time events. To determine the initial cause of these run-time events, examine the DNS server event log entries that precede this event. To prevent the DNS server from filling the event log too quickly, subsequent events with Event IDs higher than 3000 will be suppressed until events are no longer being generated at a high rate.


any recommendations?  i really don't know where to start.  we never really touch the server so i don't know how settings could have changed.  thanks in advance.
SurranoSystem EngineerCommented:
Network connection dropped after 24 hours?
Maybe an unusually long DHCP lease time with failed renew?
All Courses

From novice to tech pro — start learning today.